Bug #1308261 “ICE provoked by a lambda using the sizeof a captur...” : Bugs : gcc-4.8 package : Ubuntu

Revision history for this message

In GCC Bugzilla #60855, Brady Garvin (bgarvin) wrote on 2014-04-15:

#1

Created attachment 32611
Preprocessed source

$ cat gcc-bug.cpp
int main() {
    unsigned count = 5;
    bool array[count];
    [&array] () {
      array[0] = sizeof(array) > 5;
    }();
    return 0;
}

$ g++ -Wall -Wextra --std=c++11 gcc-bug.cpp
gcc-bug.cpp: In lambda function:
gcc-bug.cpp:6:5: warning: ‘<anonymous>’ is used uninitialized in this function [-Wuninitialized]
     }();
     ^
gcc-bug.cpp:3:21: note: ‘<anonymous>’ was declared here
     bool array[count];
                     ^
gcc-bug.cpp:6:5: internal compiler error: in expand_expr_real_1, at expr.c:9363
     }();
     ^
Please submit a full bug report,
with preprocessed source if appropriate.
See <file:///usr/share/doc/gcc-4.8/README.Bugs> for instructions.
Preprocessed source stored into /tmp/ccVaDFxq.out file, please attach this to your bugreport.

$ g++ -v
Using built-in specs.
COLLECT_GCC=g++
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-linux-gnu/4.8/lto-wrapper
Target: x86_64-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Ubuntu/Linaro 4.8.1-10ubuntu9' --with-bugurl=file:///usr/share/doc/gcc-4.8/README.Bugs --enable-languages=c,c++,java,go,d,fortran,objc,obj-c++ --prefix=/usr --program-suffix=-4.8 --enable-shared --enable-linker-build-id --libexecdir=/usr/lib --without-included-gettext --enable-threads=posix --with-gxx-include-dir=/usr/include/c++/4.8 --libdir=/usr/lib --enable-nls --with-sysroot=/ --enable-clocale=gnu --enable-libstdcxx-debug --enable-libstdcxx-time=yes --enable-gnu-unique-object --enable-plugin --with-system-zlib --disable-browser-plugin --enable-java-awt=gtk --enable-gtk-cairo --with-java-home=/usr/lib/jvm/java-1.5.0-gcj-4.8-amd64/jre --enable-java-home --with-jvm-root-dir=/usr/lib/jvm/java-1.5.0-gcj-4.8-amd64 --with-jvm-jar-dir=/usr/lib/jvm-exports/java-1.5.0-gcj-4.8-amd64 --with-arch-directory=amd64 --with-ecj-jar=/usr/share/java/eclipse-ecj.jar --enable-objc-gc --enable-multiarch --disable-werror --with-arch-32=i686 --with-abi=m64 --with-multilib-list=m32,m64,mx32 --with-tune=generic --enable-checking=release --build=x86_64-linux-gnu --host=x86_64-linux-gnu --target=x86_64-linux-gnu
Thread model: posix
gcc version 4.8.1 (Ubuntu/Linaro 4.8.1-10ubuntu9)

$ # Closest I could find by searching is http://gcc.gnu.org/bugzilla/show_bug.cgi?id=56699.

Created attachment 32611
Preprocessed source

$ cat gcc-bug.cpp
int main() {
    unsigned count = 5;
    bool array[count];
    [&array] () {
      array[0] = sizeof(array) > 5;
    }();
    return 0;
}

$ g++ -Wall -Wextra --std=c++11 gcc-bug.cpp 
gcc-bug.cpp: In lambda function:
gcc-bug.cpp:6:5: warning: ‘<anonymous>’ is used uninitialized in this function [-Wuninitialized]
     }();
     ^
gcc-bug.cpp:3:21: note: ‘<anonymous>’ was declared here
     bool array[count];
                     ^
gcc-bug.cpp:6:5: internal compiler error: in expand_expr_real_1, at expr.c:9363
     }();
     ^
Please submit a full bug report,
with preprocessed source if appropriate.
See <file:///usr/share/doc/gcc-4.8/README.Bugs> for instructions.
Preprocessed source stored into /tmp/ccVaDFxq.out file, please attach this to your bugreport.

$ g++ -v
Using built-in specs.
COLLECT_GCC=g++
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-linux-gnu/4.8/lto-wrapper
Target: x86_64-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Ubuntu/Linaro 4.8.1-10ubuntu9' --with-bugurl=file:///usr/share/doc/gcc-4.8/README.Bugs --enable-languages=c,c++,java,go,d,fortran,objc,obj-c++ --prefix=/usr --program-suffix=-4.8 --enable-shared --enable-linker-build-id --libexecdir=/usr/lib --without-included-gettext --enable-threads=posix --with-gxx-include-dir=/usr/include/c++/4.8 --libdir=/usr/lib --enable-nls --with-sysroot=/ --enable-clocale=gnu --enable-libstdcxx-debug --enable-libstdcxx-time=yes --enable-gnu-unique-object --enable-plugin --with-system-zlib --disable-browser-plugin --enable-java-awt=gtk --enable-gtk-cairo --with-java-home=/usr/lib/jvm/java-1.5.0-gcj-4.8-amd64/jre --enable-java-home --with-jvm-root-dir=/usr/lib/jvm/java-1.5.0-gcj-4.8-amd64 --with-jvm-jar-dir=/usr/lib/jvm-exports/java-1.5.0-gcj-4.8-amd64 --with-arch-directory=amd64 --with-ecj-jar=/usr/share/java/eclipse-ecj.jar --enable-objc-gc --enable-multiarch --disable-werror --with-arch-32=i686 --with-abi=m64 --with-multilib-list=m32,m64,mx32 --with-tune=generic --enable-checking=release --build=x86_64-linux-gnu --host=x86_64-linux-gnu --target=x86_64-linux-gnu
Thread model: posix
gcc version 4.8.1 (Ubuntu/Linaro 4.8.1-10ubuntu9)

$ # Closest I could find by searching is http://gcc.gnu.org/bugzilla/show_bug.cgi?id=56699.

Revision history for this message

In GCC Bugzilla #60855, Brady Garvin (bgarvin) wrote on 2014-04-15:

#2

Also ICEs in 4.9.0:

/usr/lib/gcc-snapshot/bin/g++ -v
Using built-in specs.
COLLECT_GCC=/usr/lib/gcc-snapshot/bin/g++
COLLECT_LTO_WRAPPER=/usr/lib/gcc-snapshot/libexec/gcc/x86_64-linux-gnu/4.9.0/lto-wrapper
Target: x86_64-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Ubuntu 20130917-1ubuntu1' --with-bugurl=file:///usr/share/doc/gcc-snapshot/README.Bugs --enable-languages=c,ada,c++,java,go,fortran,objc,obj-c++ --prefix=/usr/lib/gcc-snapshot --enable-shared --enable-linker-build-id --disable-nls --with-sysroot=/ --enable-clocale=gnu --enable-libstdcxx-debug --enable-libstdcxx-time=yes --enable-gnu-unique-object --enable-plugin --with-system-zlib --disable-browser-plugin --enable-java-awt=gtk --enable-gtk-cairo --with-java-home=/usr/lib/jvm/java-1.5.0-gcj-4.9-snap-amd64/jre --enable-java-home --with-jvm-root-dir=/usr/lib/jvm/java-1.5.0-gcj-4.9-snap-amd64 --with-jvm-jar-dir=/usr/lib/jvm-exports/java-1.5.0-gcj-4.9-snap-amd64 --with-arch-directory=amd64 --with-ecj-jar=/usr/share/java/eclipse-ecj.jar --enable-objc-gc --enable-multiarch --disable-werror --with-arch-32=i686 --with-abi=m64 --with-multilib-list=m32,m64,mx32 --with-tune=generic --enable-checking=yes --build=x86_64-linux-gnu --host=x86_64-linux-gnu --target=x86_64-linux-gnu
Thread model: posix
gcc version 4.9.0 20130917 (experimental) [trunk revision 202647] (Ubuntu 20130917-1ubuntu1)

Revision history for this message

In GCC Bugzilla #60855, Rguenth (rguenth) wrote on 2014-04-16:

#3

Confirmed. We trap on

9446 /* Variables inherited from containing functions should have
9447 been lowered by this point. */
9448 context = decl_function_context (exp);
9449 gcc_assert (SCOPE_FILE_SCOPE_P (context)
9450 || context == current_function_decl
9451 || TREE_STATIC (exp)
9452 || DECL_EXTERNAL (exp)
9453 /* ??? C++ creates functions that are not TREE_STATIC. */
(gdb) l
9454 || TREE_CODE (exp) == FUNCTION_DECL);

where the context is 'main' but cfun is 'operator()' and 'exp' is the
SSA_NAME_VAR of an SSA name.

Index: gcc/tree-ssa.c
===================================================================
--- gcc/tree-ssa.c (revision 209423)
+++ gcc/tree-ssa.c (working copy)
@@ -686,6 +686,13 @@ verify_ssa_name (tree ssa_name, bool is_
return true;
}

+ if (SSA_NAME_VAR (ssa_name) != NULL_TREE
+ && decl_function_context (SSA_NAME_VAR (ssa_name)) != cfun->decl)
+ {
+ error ("SSA name for variable not belonging to the current function");
+ return true;
+ }
+
   if (is_virtual && !virtual_operand_p (ssa_name))
     {
       error ("found a virtual definition for a GIMPLE register");

should catch the root cause. Well, it's already bogus at into-SSA time.

Index: gcc/tree-cfg.c
===================================================================
--- gcc/tree-cfg.c (revision 209423)
+++ gcc/tree-cfg.c (working copy)
@@ -2972,6 +2989,15 @@ verify_expr (tree *tp, int *walk_subtree
}
break;

+ case VAR_DECL:
+ if (decl_function_context (t)
+ && decl_function_context (t) != cfun->decl)
+ {
+ error ("invalid context of variable");
+ return t;
+ }
+ break;
+
     default:
       break;
     }

makes it error after CFG construction. So it must be an error during
un-nesting (which is interwinded with gimplification).

Confirmed, not a regression.

Confirmed.  We trap on

9446          /* Variables inherited from containing functions should have
9447             been lowered by this point.  */
9448          context = decl_function_context (exp);
9449          gcc_assert (SCOPE_FILE_SCOPE_P (context)
9450                      || context == current_function_decl
9451                      || TREE_STATIC (exp)
9452                      || DECL_EXTERNAL (exp)
9453                      /* ??? C++ creates functions that are not TREE_STATIC.  */
(gdb) l
9454                      || TREE_CODE (exp) == FUNCTION_DECL);

where the context is 'main' but cfun is 'operator()' and 'exp' is the
SSA_NAME_VAR of an SSA name.

Index: gcc/tree-ssa.c
===================================================================
--- gcc/tree-ssa.c      (revision 209423)
+++ gcc/tree-ssa.c      (working copy)
@@ -686,6 +686,13 @@ verify_ssa_name (tree ssa_name, bool is_
       return true;
     }
 
+  if (SSA_NAME_VAR (ssa_name) != NULL_TREE
+      && decl_function_context (SSA_NAME_VAR (ssa_name)) != cfun->decl)
+    {
+      error ("SSA name for variable not belonging to the current function");
+      return true;
+    }
+
   if (is_virtual && !virtual_operand_p (ssa_name))
     {
       error ("found a virtual definition for a GIMPLE register");

should catch the root cause.  Well, it's already bogus at into-SSA time.

Index: gcc/tree-cfg.c
===================================================================
--- gcc/tree-cfg.c      (revision 209423)
+++ gcc/tree-cfg.c      (working copy)
@@ -2972,6 +2989,15 @@ verify_expr (tree *tp, int *walk_subtree
        }
       break;
 
+    case VAR_DECL:
+      if (decl_function_context (t)
+         && decl_function_context (t) != cfun->decl)
+       {
+         error ("invalid context of variable");
+         return t;
+       }
+      break;
+
     default:
       break;
     }

makes it error after CFG construction.  So it must be an error during
un-nesting (which is interwinded with gimplification).

Confirmed, not a regression.

Matthias Klose (doko) on 2014-08-15

Changed in gcc-4.8 (Ubuntu):
importance:	Undecided → Medium
status:	New → Confirmed
Changed in gcc-4.9 (Ubuntu):
importance:	Undecided → Medium
status:	New → Confirmed

Bug Watch Updater (bug-watch-updater) on 2019-01-29

Changed in gcc:
importance:	Unknown → Medium
status:	Unknown → Confirmed

Revision history for this message

In GCC Bugzilla #60855, Jason-gcc (jason-gcc) wrote on 2020-01-21:

#4

*** Bug 86432 has been marked as a duplicate of this bug. ***

Revision history for this message

In GCC Bugzilla #60855, Cvs-commit (cvs-commit) wrote on 2020-01-21:

#5

The master branch has been updated by Jason Merrill <email address hidden>:

https://gcc.gnu.org/g:ad09440a09597c34e0b93498aad9d6ef0b8ca9ae

commit r10-6121-gad09440a09597c34e0b93498aad9d6ef0b8ca9ae
Author: Jason Merrill <email address hidden>
Date: Tue Jan 21 14:21:49 2020 -0500

PR c++/60855 - ICE with sizeof VLA capture.

    For normal captures we usually look through them within unevaluated context,
    but that doesn't work here; trying to take the sizeof of the array in the
    enclosing scope tries and fails to evaluate a SAVE_EXPR from the enclosing
    scope.

* lambda.c (is_lambda_ignored_entity): Don't look past VLA capture.

Revision history for this message

In GCC Bugzilla #60855, Jason-gcc (jason-gcc) wrote on 2020-01-21:

#6

Fixed for GCC 10.

Bug Watch Updater (bug-watch-updater) on 2020-01-24

Changed in gcc:
status:	Confirmed → Fix Released

Revision history for this message

In GCC Bugzilla #60855, Pinskia (pinskia) wrote on 2021-09-20:

#7

*** Bug 89138 has been marked as a duplicate of this bug. ***

Ubuntu
gcc-4.8 package

ICE provoked by a lambda using the sizeof a captured stack-allocated array

Bug Description

Other bug subscribers

Remote bug watches

	Status	Importance	Assigned to
gcc	Fix Released	Medium	gcc-bugzilla #60855
gcc-4.8 (Ubuntu)	Confirmed	Medium	Unassigned
gcc-4.9 (Ubuntu)	Confirmed	Medium	Unassigned

Ubuntugcc-4.8 package

ICE provoked by a lambda using the sizeof a captured stack-allocated array

Bug Description

Other bug subscribers

Remote bug watches

Ubuntu
gcc-4.8 package